Using MAK Activation
MAK activation is used for one-time activation through Microsoft’s hosted activation services, with no renewals required. For background information about MAK activation, see the Volume Activation 2.0 Planning Guide at https://technet.microsoft.com/en-us/library/cc303276.aspx.
Converting KMS Clients to MAK Activation
Windows 7 and Windows Server 2008 R2 are installed automatically as KMS clients. To convert a KMS client to MAK activation, install a MAK. A MAK can be installed during or any time after operating system installation.
A MAK can be installed on a reference image of Windows 7 and Windows Server 2008 R2 to make all installations from that image use MAK activation instead of the default KMS activation. Doing so alleviates the need to specify a MAK in an unattended installation file.
Installing a MAK During Operating System Installation
Administrators can convert a KMS client to a MAK client during the initial installation of Windows 7 or Windows Server 2008 R2 by including a MAK in an unattended setup (Unattend.xml) file. The Unattend.xml file can be used with Setup.exe or Windows Deployment Services. For more information, see the Unattended Windows Setup Reference help file in the Windows AIK at https://go.microsoft.com/fwlink/?LinkId=136976.
Note The MAK is stored in clear text in the Unattend.xml file. During an unattended installation, the file Unattend.xml or AutoUnattend.xml is copied to the %SystemRoot%\Panther folder of the target computer. However, at the end of the Setup process, the Setup program replaces it with “SENSITIVE*DATA*DELETED.”
Installing a MAK After Operating System Installation
A volume edition of Windows 7 and Windows Server 2008 R2 can be configured to use MAK activation by using the Control Panel System item or by running the Slmgr.vbs script:
To install a MAK using the System application, click the Change your product key link, and then type the MAK in the Change your product key for activation dialog box.
To install a MAK by using Slmgr.vbs, run the following command at a command prompt:
slmgr.vbs /ipk <MultipleActivationKey>
where MultipleActivationKey is the MAK.
If users install a MAK using the user interface (UI), the MAK client attempts to activate itself over the Internet one time. If the users install a MAK using the Slmgr.vbs script, the MAK client does not try to activate itself automatically.
Disabling Automatic Activation
To disable automatic activation on any MAK client, set the DWORD registry value Manual to 1. This value is in the registry subkey HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform\Activation.
Activating MAK Clients
The MAK client attempts to activate itself over the Internet at the next scheduled interval. Administrators can force immediate activation over the Internet , by telephone, or by using the VAMT.
To confirm activation, check the system tray for a notification that says, “Windows is activated.” Alternatively, type slmgr.vbs /dli at a command prompt to view the activation status of a computer.
Activating MAK Clients over the Internet
A MAK client can be activated over the Internet in either of two ways:
Click the Click here to activate Windows now link in the Control Panel System item. Windows reports whether the activation was successful. If activation was unsuccessful, a wizard presents additional options.
Run slmgr.vbs /ato at a command prompt. Additional options are not presented when using slmgr.vbs.
Activating MAK Clients Through a Proxy Server
Activation over the Internet may be blocked if the proxy server requires user authentication. In Microsoft Internet Security and Acceleration (ISA) Server , this setting is called Basic authentication. Because activation requests do not present the user's credentials to the proxy server, Microsoft recommends not using Basic authentication with ISA Server or other proxy servers. However, if Basic authentication or a comparable mechanism must be used on the proxy server , add the following URLs to the Proxy Authentication exclusion list:
https://crl.microsoft.com/pki/crl/products/MicrosoftRootAuthority.crl
https://crl.microsoft.com/pki/crl/products/MicrosoftProductSecureCommunications.crl
https://www.microsoft.com/pki/crl/products/MicrosoftProductSecureCommunications.crl
https://crl.microsoft.com/pki/crl/products/MicrosoftProductSecureServer.crl
https://www.microsoft.com/pki/crl/products/MicrosoftProductSecureServer.crl
Activating MAK Clients Using the Telephone
To activate computers that are connected to the organization’s network but do not have Internet connectivity, use Slmgr.vbs. In the Command Prompt window , type:
slmgr.vbs TargetComputerName <Username> <Password> /dti
to display the information required to complete telephone activation. To obtain the telephone number for an Activation Call Center in your local region , run slui.exe 4. Use the Interactive Voice Response system to obtain the CID; then, run:
slmgr.vbs TargetComputerName <UserName> <Password> /atp <CID>
to install the CID. If activation is performed frequently or multiple computers are activated, it may be more useful to automate the process using the Slmgr.vbs script.
Activating MAK Clients Using VAMT
VAMT allows automation of MAK deployment and activation over the network by distributing MAKs from a centralized console, as Figure 1 shows. VAMT queries Microsoft activation servers to get the number of remaining activations for a given MAK, then lists the activation status of all MAK-activated systems in the environment. This count is a snapshot in time, not a real-time count. VAMT version 1.2 is included in the Windows AIK, which is available from the Microsoft Download Center at https://go.microsoft.com/fwlink/?LinkId=136976.
Figure 1. The VAMT UI
Integrating MAKs with Deployment Workbench
Microsoft Deployment Toolkit (MDT) also provides a solution for deploying MAKs. In Deployment Workbench, administrators configure the MAK in task sequences , which add the MAK to the Unattend.xml file used during installation. Administrators can prepare the reference image for KMS activation, then, during deployment , MDT activates the installation by using a MAK as long as it does not detect a KMS infrastructure. MDT applies the MAK after installing the image. For more information about MDT, see Deployment TechCenter at https://technet.microsoft.com/en-us/deployment/default.aspx.